Virtualization

WebComics

Disclaimer?!?

The information in this weblog is provided "AS IS" with no warranties, and confers no rights. This weblog does not represent the thoughts, intentions, plans or strategies of my employer. It is solely my opinion. Inappropriate comments will be deleted at the authors discretion.

Archive for the ‘RTP’ Category

So I’m sitting there… having moved our SIP Gateway and VoIP Phone system behind the Firewall and then OMG ITS NOT WORKING! I mean, it is, and by it is, I mean, no. It isn’t working. :) Lo and behold technically OMG THE SOLUTION IS DISABLE SIP! Well, that sounds pretty ridiculous… But I guess it turns out that the system has a native SIP handler and knows better than we do! Well, you’re wrong. You don’t know better than we do, unless ‘knowing better’ means breaking my SIP traffic!

That said, there are a few other blogs where I found answers which helped lead to this solution (included below) but you know me.. I like to make sure I have a source to refer back to things and of course to share my experience on the matter, thus here it is! :)

Step One: Disable SIP Helper!

config system settings

set sip-helper disable

set sip-nat-trace disable

REBOOT THE DEVICE!!! (You may want to wait on rebooting until AFTER you do the next few steps!)

Step Two: Delete the SIP Helper

config system session-helper

show (Look for the SIP helper, often object 12)

delete # (whatever number the SIP helper was)

Step Three: Disable RTP Processing

config voip profile

edit default

config sip

set rtp disable

And there you have it! If you did the steps in reverse and then rebooted, your Fortigate should no longer be preventing your SIP traffic from working! That is also of course ensuring you’re sending all of the right ports through in your firewall rules… that’s up to you to check with your respective VoIP vendor to make sure you have the full compliment of ports, policies, etc!